com.bea.netuix.servlets.filters
Class IncludeSecurityFilter

Filter to check security constraints on resources that get included via wlp. J2EE spec does not perform
security checks to included or forwarded resources by default.
To lock down resources, add a security constraint to web.xml, which protects direct access to these resources.
Entitlements can be added to lock down access to portal resources (desktops, books, pages, portlets, etc).
Since portlets could include content that is protected, using this filter will make sure we check access to all
resources prior to including them.
To disable this feature a no-op filter can be added in each webApps web.xml, see com.bea.p13n.servlets.NullFilter

For example, the filter is enabled by this include filter being enabled: